gh0strat | 4c562328db8306067be8478bbfc281caca93853f22c7725ac70d18aea0c8e471 | Triage

Submit
Reports

Overview

overview

Static

static

4c562328db...71.dll

windows7-x64

4c562328db...71.dll

windows10-2004-x64

Sharing

General

Target

4c562328db8306067be8478bbfc281caca93853f22c7725ac70d18aea0c8e471
Size

899KB
Sample

250127-b7djmsvrbk
MD5

7c731a51e4d96a578bf8580c561c0f62
SHA1

4129362fd5ff9f67070319b4770d142c84915309
SHA256

4c562328db8306067be8478bbfc281caca93853f22c7725ac70d18aea0c8e471
SHA512

88f95e1a4f64887484b8e3d37d55c2bbe3a80bad231811d4dc4450680cf849f4d60784cd38fd564e9f2dca142bb8de5a4f2520c4b7827b883f6861bda7c0a46f
SSDEEP

24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXd:7wqd87Vd

Score

10^/10

gh0strat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

4c562328db8306067be8478bbfc281caca93853f22c7725ac70d18aea0c8e471.dll

Resource

win7-20241010-en

gh0strat discovery rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4c562328db8306067be8478bbfc281caca93853f22c7725ac70d18aea0c8e471.dll

Resource

win10v2004-20241007-en

gh0strat discovery rat

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

- Target
  
  4c562328db8306067be8478bbfc281caca93853f22c7725ac70d18aea0c8e471
- Size
  
  899KB
- MD5
  
  7c731a51e4d96a578bf8580c561c0f62
- SHA1
  
  4129362fd5ff9f67070319b4770d142c84915309
- SHA256
  
  4c562328db8306067be8478bbfc281caca93853f22c7725ac70d18aea0c8e471
- SHA512
  
  88f95e1a4f64887484b8e3d37d55c2bbe3a80bad231811d4dc4450680cf849f4d60784cd38fd564e9f2dca142bb8de5a4f2520c4b7827b883f6861bda7c0a46f
- SSDEEP
  
  24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXd:7wqd87Vd
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Gh0strat family
  gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy